Please share with your IT and Cyber community as soon as possible.
Bob Bastani, CISSP, CISM, CRISC
Senior Cyber Security Advisor
Healthcare and Public Health Sector
Critical Infrastructure Protection
Assistant Secretary for Preparedness and Response (ASPR)
Department of Health and Human Services (HHS)
W: (202) 691-2080
C: (202) 853-7965
The information contained in this electronic e-mail transmission and any attachments are intended only for the use of the individual or entity to whom or to which it is addressed, and may contain information that is privileged, confidential and exempt from disclosure under applicable law. If the reader of this communication is not the intended recipient, or the employee or agent responsible for delivering this communication to the intended recipient, you are hereby notified that any dissemination, distribution, copying or disclosure of this communication and any attachment is strictly prohibited. If you have received this transmission in error, please notify the sender immediately by telephone and electronic mail, and delete the original communication and any attachment from any computer, server or other electronic recording or storage device or medium.
From: Bastani, Robert (OS/ASPR/SIIM) Sent: Friday, July 2, 2021 11:25 PM To: HSCC-CWG-FULL (HSCC-CWG-FULL@LISTSERV.NHISAC.ORG) <email@example.com>; 'Rice, Terry' <firstname.lastname@example.org>; Greg Garcia (greg.garcia@HealthSectorCouncil.org) <greg.garcia@HealthSectorCouncil.org>; Theresa Meadows <Theresa.Meadows@cookchildrens.org>; Schwartz, Suzanne (FDA/CDRH) <Suzanne.Schwartz@fda.hhs.gov>; Wilkerson, Jessica (FDA/CDRH) <Jessica.Wilkerson@fda.hhs.gov> Cc: HC3 Management <HC3email@example.com>; Falcon, Jessica (OS/ASPR/SIIM) <Jessica.Falcon@hhs.gov>; Laura Wolf (OS/ASPR/SIIM) (Laura.Wolf@hhs.gov) <Laura.Wolf@hhs.gov>; CORMAN, JOSHUA <firstname.lastname@example.org>; William Welch (OS/ASA/OCIO) (William.Welch@hhs.gov) <William.Welch@hhs.gov>; Deleon, Luis (OS/ASPR/SIIM) <Luis.Deleon@hhs.gov>; Czarzasty, James (OS/ASPR/EMMO) <James.Czarzasty@hhs.gov>; Wilkerson, Jessica (FDA/CDRH) <Jessica.Wilkerson@fda.hhs.gov>; Rahul Gaitonde (Rahul.Gaitonde@hhs.gov) <Rahul.Gaitonde@hhs.gov>; Allen, Shaun (OS/ASPR/SOC) <Shaun.Allen@hhs.gov>; Peitzman, Matthew (OS/ASPR/SOC) <Matthew.Peitzman@hhs.gov>; Kevin (OS/ASPR/SIIM) Dang (CTR) (Kevin.Dang@hhs.gov) <Kevin.Dang@hhs.gov>; Moeller, Jeffrey (OS/ASPR/SIIM) <Jeffrey.Moeller@hhs.gov>; OS Secretarys Operations Center <email@example.com>; SOC Information Management Section Chief (OS/ASPR) <SOC.IM@hhs.gov>; Caitlin Force (Caitlin.Force@hhs.gov) <Caitlin.Force@hhs.gov>; Jenkins, Robert (OS/ASPR/SOC) <Robert.Jenkins@hhs.gov>; Ospina, Juan (OS/ASPR/SOC) <Juan.Ospina@hhs.gov>; Brackins, Thomas (OS/ASPR/SOC) <Thomas.Brackins@hhs.gov>; Cupples, John (OS/ASPR/SOC) <John.Cupples@hhs.gov>; Dokong, Rhibano (OS/ASPR/SOC) <Rhibano.Dokong@hhs.gov>; OS CIP (HHS/OS) <CIP@hhs.gov> Subject: Urgent Cyber Security Advisory: Kaseya VSA Supply-Chain Ransomware Attack Importance: High
CISA is tracking a new critical issue with Kaseya RMM tool. This is of interest since this tool is used widely in the healthcare sector. CISA has an initial post on website, Kaseya VSA Supply-Chain Ransomware Attack | . CISA is taking action to understand and address the supply-chain ransomware attack against Kaseya VSA and the multiple #MSPs that employ VSA software and recommends immediate review of the Kaseya advisory and guidance to shutdown VSA servers.
From: US-CERT <US-CERT@ncas.us-cert.gov> Sent: Friday, July 2, 2021 5:05 PM To: Bastani, Robert (OS/ASPR/SIIM) <Robert.Bastani@hhs.gov> Subject: Kaseya VSA Supply-Chain Ransomware Attack
You are subscribed to National Cyber Awareness System Current Activity for Cybersecurity and Infrastructure Security Agency. This information has recently been updated, and is now available.
Kaseya VSA Supply-Chain Ransomware Attack
07/02/2021 04:44 PM EDT
Original release date: July 2, 2021
CISA is taking action to understand and address the recent supply-chain ransomware attack against Kaseya VSA and the multiple managed service providers (MSPs) that employ VSA software. CISA encourages organizations to review the Kaseya advisory and immediately follow their guidance to shutdown VSA servers.
This product is provided subject to this Notification and this Privacy & Use policy.
Having trouble viewing this message? View it as a webpage .
Connect with CISA: Facebook | Twitter | Instagram | LinkedIn | YouTube
This email was sent to firstname.lastname@example.org using GovDelivery Communications Cloud, on behalf of: Cybersecurity and Infrastructure Security Agency · 707 17th St, Suite 4000 · Denver, CO 80202
1201 I Street NW, 4th FlWashington, DC 20005
Phone: +1 202 783 5550E-mail: email@example.com
About UsCode of Conduct